<?php
session_start();
if (($_POST['username'] != null) && ($_POST['password'])) {
	$username = $_POST['username'];
	$password = md5(trim($_POST['password']));
	
	$conn = mysqli_connect('localhost','book','zxc235711','book');
	if (mysqli_errno($conn)) {
		mysqli_error($conn);
		exit;
	}

	mysqli_set_charset($conn, 'utf8');
	$sql = "select * from user where username = '$username'";
	$res = mysqli_query($conn, $sql);
	$row = mysqli_fetch_assoc($res);

	if ($row['password'] == $password) {
		$_SESSION['username'] = $username;
		$_SESSION['password'] = $password;

		header('Location: welcome.php');
	}else{
		echo "密码不正确";
	}
}

?>

<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<title>用户登录</title>
</head>
<body>
	<form action="" method="POST">
		<div>
			用户名：<input type="text" name="username" />
			密 码：<input type="password" name="password" />
			<input type="submit" value="登录">

		</div>

	</form>

</body>
</html>